The advantage of this is that Linux.Encoder had flaws in its cryptographic implementation in at least its first three versions, which allowed Bitdefender’s researchers to develop tools that could decrypt the files affected by the malware. According to Bogdan Botezatu, senior e-threat analyst at Bitdefender, even the latest version of Linux.Encoder (version 4) has the same flaws that affected the previous versions.

“The infected Mac OS X torrent client update analyzed by Bitdefender Labs looks virtually identical to version 4 of the Linux.Encoder Trojan that has been infecting thousands of Linux servers since the beginning of 2016,” Bitdefender researchers stated in a blog post published on Tuesday. The result of this is that KeRanger also contains the same broken cryptographic implementation.

Bitdefender has yet to publish a tool able to decrypt KeRanger-affected files; however, development of such a tool is under consideration, should the demand be sufficient.

The purpose behind KeRanger remains to be seen. Those responsible for it went to great lengths, including stealing a legitimate Apple developer’s certificate and hacking into a popular and trusted open source project’s website, yet the ransomware they were distributing had such a crucial known weakness. A newer, more dangerous version of KeRanger could quite likely appear in the future; however, those affected by its current iteration should be thankful that this incident was not more serious.
